Andrey K
Reputation: 51
Ip authentication in Spring Security
I have Spring Security 4.2.2 in my web-app and configured LDAP based authentication. In addition i also need to authenticate all users with specified ip without log-in form and set the "local_user" role for them. How can i perform that authentication scenario?
upd: I mean, that "local users" must view the same content as the users that have authorized through login form.
Upvotes: 0
Views: 582
Answers (1)
Afridi
Reputation: 6932
You can do that using antMatchers like below code:
@EnableWebSecurity
@Configuration
public class BasicSecurityConfig extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/baseUrl/anything-else/**").hasIpAddress("ipAddressExpression")
}
}
Updated
http.authorizeRequests()
.antMatchers("/baseUrl/anything-else/**").access("hasIpAddress('ipAddressExpression') or fullyAuthenticated()");
Upvotes: 1
Related Questions
- How to Restrict Access to Resources by IP Address and Credentials in Spring 5.7+
- IP address based authorization
- How to secure anonymous access restricted by ip address in Spring Security?
- spring basic authentication plus ip filter
- spring security authentication using ip address and username password
- How can authenticate user by only ip address in spring security?
- How to save ip address to a DB from authenticated user with Spring security?
- IP Address Authentication before login into application
- Authenticating By IP Address In Spring 3.1: Smartest Way To Do That?
- Spring security: Adding a new ROLE which supports authentication by IP